IT Governance Lead at Bank of Kigali: Deadline:05th July 2024.

IT Governance Lead

Information Technology

Project & Governance

Manager, IT Projects & Governance

The IT Governance Lead shall play a pivotal role in ensuring the effective implementation of governance, risk management, and compliance frameworks within Bank of Kigali. This individual oversees all aspects of Governance, Risk and Compliance activities, working closely with cross-functional teams to mitigate risks, ensure regulatory compliance, and uphold the bank’s reputation and integrity.

• Developing and Implementing GRC Frameworks: Lead the development and implementation of comprehensive governance, risk, and compliance frameworks aligned with regulatory requirements and industry best practices.
• Risk Management: Collaborate with Information System Risk department in conducting regular risk assessments and develop risk mitigation strategies to identify, assess, and manage risks across IT operations.
• Regulatory Compliance: Stay abreast of regulatory developments and ensure the bank’s compliance with relevant laws, regulations, and guidelines issued by regulatory authorities.
• Policy Development and Implementation: Collaborate with other stakeholders in the development and maintenance of policies, procedures, and guidelines related to governance, risk management, and compliance, ensuring adherence and consistency across the bank.
• Internal Controls and Audits: Establish and monitor internal controls to mitigate risks and ensure the effectiveness of control mechanisms. Coordinate internal and external audits, examinations, and assessments to evaluate compliance and control effectiveness.
• Training and Awareness: Collaborate with relevant stakeholders in providing training and awareness programs to educate employees on GRC requirements, policies, and procedures, promoting a culture of compliance and ethical conduct.
• Incident Management and Reporting: Collaborate with IT monitoring unit in establishing incident management processes to identify, report, and respond to incidents, breaches, and violations promptly.
• Stakeholder Engagement: Collaborate with internal stakeholders, including senior management, legal, compliance, audit, information security and risk management functions, as well as external stakeholders, including regulatory agencies, industry associations, and external auditors.
• Provide to the IT management overall IT governance regular status reports and entire technology in general.
• Vendor and Third-Party Risk Management: Assess and manage risks associated with vendors, suppliers, and third-party service providers, ensuring compliance with contractual obligations and regulatory requirements.
• Disaster Recovery and Business Continuity: Support cross-functional teams in the development and maintenance of crisis management and business continuity (disaster recovery) plan to ensure the bank’s resilience in the face of disruptive events, such as cyberattacks, natural disasters, or operational failures.

• Minimum 3 years of experience in GRC, risk management, compliance, or related field, preferably in the banking or financial services industry.
• Experience with compliance reporting tools (software) technologies.

• Bachelor’s Degree in Computer Science, Business administration, computer engineering, information systems or any other relevant degree
• Professional certification in IT Governance frameworks (e.g. CISA, COBIT, ISO 27001, BCMS)

• In-depth knowledge of banking regulations such as AML and regulatory compliance requirements.
• Ability to align IT strategy with business objectives and effectively communicate IT governance initiatives to senior management and stakeholders.
• Understanding the banking industry, operations, and regulatory environment to effectively assess IT governance requirements and align IT initiatives with business needs.
• Knowledge of relevant regulations and compliance requirements specific to the banking industry (such as PCI-DSS and data protection) to ensure IT systems and processes adhere to legal and industry standards. Strong analytical, communication, and leadership skills, with the ability to influence and collaborate effectively across all levels of the organization.
• Ability to document the implemented regulatory requirements
• Ability to interpret a policy into an actionable plan.
• Stakeholder management
• Reporting Sound judgment, integrity, and a commitment to upholding the highest ethical standards.